Need Help coding MW2_Admin/Hosting Aid

[shailm_85]

Hi all

i am not good programer & and i'm totally new to this accessing other programs memory

I am making Admin tool using VB 2008 for MW2 1.0.182 (AlterIW 1.3.37 version)
with options like

+Change Map
+Maplist
+Change Game Mode
+Restart Map & Fast restart
+Kick Players
+Ban Player
+Force host
+InGame Console Commands
+Changing Scorelimit & TimeLimt
+Profile Backup & Restore
+Sending Welcome & Warning to all Players
+Nickname Editor with coloured name
+Costume Server List
+Show FPS & Changing default 4 ping bars to 10 bar
+Custume Commands

i can send data from my app to the console & etc by Sending text commands to console window textbox
i Know we can show messages in game by editing 00A21028 of iw4mp.exe (Displays string as Chat message)

the problem i am facing is getting players list for Kick And TempBan function

1)i know Clientinfo is at 0x8EB248 (but have no idea how to get that info to my app as a string & also the client No.)
(Memory address as per This Post)

2)how to detect if the user is a host or not & if yes then he is in game or has returned to the lobby

3) Sending String to 00A21028 memory location

Plz Guys i would be greatful if any one can can give tutorial or code for it.

Thanks
Shailm_85

Ok Guys i was able to read Write integer date but wasnt able to read String

What i'm trying to is reading ClientInfo from Modern Warfare 2
As per This post it is a structure

Can Any one help ????

hire is the code i try but didn't work.

Code:

Module Memory
    Public GameName1 As String = "iw4mp"
    Public Const PROCESS_VM_READ = &H10
    Public Const PROCESS_VM_WRITE = (&H20)
    Public Const PROCESS_VM_OPERATION = (&H8)
    Public Const PROCESS_QUERY_INFORMATION = (&H400)
    Public Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION
    Public Const PROCESS_ALL_ACCESS = &H1F0FFF
    Private Declare Function FindWindow Lib "user32.dll" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Integer
    Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, ByVal lpdwProcessId As Long) As Long
    Public Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Long, ByRef lpBuffer As Int32, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Int32, ByRef lpBuffer As Byte(), ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Int32, ByVal lpBuffer() As Byte, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As UInteger, ByVal bInheritHandle As Integer, ByVal dwProcessId As UInteger) As IntPtr
    Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hHandle As IntPtr) As Boolean
    Public Structure CClientInfo
        <VBFixedString(28)> Public Unknown000 As String    '//0x0
        Public team As Integer                             '//0x1C
        <VBFixedString(32)> Public Unknown001 As String    '//0x20
        <VBFixedString(64)> Public BodyModel As String     '//0x040  
        <VBFixedString(64)> Public HeadModel As String     '//0x080  
        <VBFixedString(64)> Public WeaponModel As String   '//0x0C0
        <VBFixedString(64)> Public WeaponModel2 As String  '//0x100
        <VBFixedString(1004)> Public Unknown002 As String   '//0x140
    End Structure

    Public Function Game_Hwnd() As Int32
        Dim i As Int32 : Dim foundit As Boolean = False
        For Each p As Process In Process.GetProcessesByName(GameName1) ' Replace that with the games window text
            i = p.Id
            foundit = True : Exit For
        Next
        If foundit = True Then
            Return i
        Else
            MsgBox("Couldn't find Game")
            Return 0
        End If
    End Function

#Region "Memory reading/Writing"
    'Read Memory
    Public Sub ReadMemory(ByVal Address As Long, ByRef Value As Integer, ByVal Size As Integer)
        Try
            Dim mValue As Integer

            Dim GameReadWrite As Integer
            Dim PID As Integer = Game_Hwnd()
            GameReadWrite = OpenProcess(PROCESS_READ_WRITE_QUERY, False, PID)

            ReadProcessMemory(GameReadWrite, Address, mValue, Size, 0)
            Value = mValue

            CloseHandle(GameReadWrite)
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
    Public Sub ReadMemory(ByVal Address As Long, ByRef Value As String)
        Try
            Dim intChar As Integer
            Dim Count1 As Integer
            Dim strTemp As String
            strTemp = String.Empty
            Count1 = 10
            Do
                ReadMemory(Address + Count1, intChar, 1)
                If intChar <> 0 Then strTemp = strTemp & Chr(intChar)
                Count1 += 1
                'Loop Until intChar = 0
            Loop Until Count1 = 28
            Value = strTemp
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
    Public Sub ReadMemory(ByVal Address As Integer, ByRef Value As String, ByVal Length As Integer)
        Try
            Dim intChar As Integer
            Dim Count1 As Integer
            Dim strTemp As String
            strTemp = String.Empty
            For Count1 = 0 To Length - 1
                ReadMemory(Address + Count1, intChar, 1)
                strTemp = strTemp & Chr(intChar)
            Next
            Value = strTemp
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
#End Region

    Function ReadInt(ByVal Address As Long)
        Dim i As String
        ReadMemory(Address, i)
        Return i
    End Function
    Function ReadInt(ByVal Address As Int32, ByVal Size As Integer)
        Dim i As Int32
        ReadMemory(Address, i, Size)
        Return i
    End Function
End Module

Public Class Form1
    Public GameName1 As String = "iw4mp"

    Public Structure CClientInfo
        <VBFixedString(28)> Public Unknown000 As String  '    //0x0
        Public team As Integer               '//0x1C
        <VBFixedString(32)> Public Unknown001 As String    '//0x20
        <VBFixedString(64)> Public BodyModel As String     '//0x040  
        <VBFixedString(64)> Public HeadModel As String     '//0x080  
        <VBFixedString(64)> Public WeaponModel As String   '//0x0C0
        <VBFixedString(64)> Public WeaponModel2 As String  '//0x100
        <VBFixedString(1004)> Public Unknown002 As String   '//0x140
    End Structure


    Dim Addr As Integer = &H8EB248
    Dim BaseAddress As Integer
    Dim MyProcess As Process() = Process.GetProcessesByName(GameName1) ' Replace that with the games window text

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Dim MyProcess As Process() = Process.GetProcessesByName(GameName1) ' Replace that with the games window text
        Dim mainModule As ProcessModule
        mainModule = MyProcess(0).MainModule
        BaseAddress = CInt(mainModule.BaseAddress)
        BaseAddress = CInt(mainModule.BaseAddress)

    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        'if your address you got from Cheat Engine or anything else has gamename+address then use this 
        'Label1.Text = ReadInt((BaseAddress + put address here))
        'if it doesn't have the + then use this
        'Dim CClientInfo1 As CClientInfo
        TextBox1.Text = ReadInt(Addr)
    End Sub
End Class

And also what the diffrence between these Addressing type 0x8EB248, iw4mp.exe+621028, 00437C4C
and how do i use this in Vb 2008

[B4M]

I can't help, but I can tell you not to double post.

[Archangel]

How about creating some modules instead of making a big pile of code?
I'll see what i can do

[Hell_Demon]

Code:

struct CEntity
{
    char Unknown000[220]; //0x0
    int ClientNumber; //0xDC
    int iEntityType; //0xE0
    char Unknown001[288]; //0xE4
};

I don't know what that looks like in Vb, but i'll give it a try anyway(fix it if needed ^^):

Code:

Public Structure CEntity
    <VBFixedString(220)> Public Unknown000 As String
    Public ClientNumber as Integer
    Public EntityType as Integer
    <VBFixedString(288)> Public Unknown001 As String
End Structure

Dim playerList(18) as CEntity 'Turn me into an array with CEntity as type, with 18 cells

Then update the struct in a timer(only if we are in a game):

Code:

Dim AreWeInGame as Integer
ReadMemory(&H7F4848, AreWeInGame, 4) ' an integer is 4 bytes long
if(AreWeInGame = 1) then
    ReadMemory(&H8F7A78, playerList, 9288) '9288 = 0x204*18
End if

Code:

Public Bool IsEntityValid(Dim pEnt as CEntity)
    Dim LocalClientNumber as Integer
    ReadMemory(&H7F493C, LocalClientNumber, 4) 'An integer is 4 bytes
    if(pEnt.EntityType = 1 and not pEnt.ClientNumber = LocalClientNumber) then 'If it is a human and doesn't have the same clientnumber as we do.
        return True 'it is valid
    Else 'else
        return False 'it is not valid
    End if
End

Then you'd need to send commands to the console, which I don't think is possible(because you need to inline it unless someone finds a function that can be called with CreateRemoteThread if VB even has that)

Good luck o_O

[B4M]

/posts merged

My first action as minion....yay

[shailm_85]

First of all
Thank you all for repling, Especially Hell_Demon

I did as you told me, but its giving a error

What i did was

1) Replaced CClientInfo structure with 1st code box codes given by Hell_Demon both in Module Memory & Class Form1

2) Added a Timer & Add the code in ur 3rd code box to Timer1_Tick function
what time interval should i give this timer ??

3) Added the codes in last code box, but gave error so i edited the the first & last line of the function to this

Code:

Public Function IsEntityValid(ByVal pEnt As CEntity) As Boolean
    End Function

Now there was 1 error left
The error was in the statement in Timer_tick function
ReadMemory(&H8F7A78, playerList, 9288)
Error was No ReadMemory overload code be call because "playerList" is a Structure.
So, i Added this Function in the #Region "Memory reading/Writing"
& changed the Value & mValue from String to CEntity

Code:

Public Sub ReadMemory(ByVal Address As Long, ByRef Value As CEntity, ByVal Size As Integer)
        Try
            Dim mValue As CEntity

            Dim GameReadWrite As Integer
            Dim PID As Integer = Game_Hwnd()
            GameReadWrite = OpenProcess(PROCESS_READ_WRITE_QUERY, False, PID)

            ReadProcessMemory(GameReadWrite, Address, mValue, Size, 0)
            Value = mValue

            CloseHandle(GameReadWrite)
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub

Now ReadProcessMemory function gave same error So i Add & Just Changed Sting to CEntity

Code:

    Public Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Long, ByRef lpBuffer As CEntity, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long

Now the same ReadMemory Statement in timer_Tick function
Error is

Code:

Error	3	Overload resolution failed because no accessible 'ReadMemory' can be called with these arguments:
    'Public Sub ReadMemory(Address As Integer, ByRef Value As String, Length As Integer)': Value of type '1-dimensional array of WindowsApplication1.Form1.CEntity' cannot be converted to 'String'.
    'Public Sub ReadMemory(Address As Long, ByRef Value As Memory.CEntity, Size As Integer)': Value of type '1-dimensional array of WindowsApplication1.Form1.CEntity' cannot be converted to 'WindowsApplication1.Memory.CEntity'.
    'Public Sub ReadMemory(Address As Long, ByRef Value As Integer, Size As Integer)': Value of type '1-dimensional array of WindowsApplication1.Form1.CEntity' cannot be converted to 'Integer'

Thanks

[Hell_Demon]

See if casting works((Int)&playerList)

[shailm_85]

Error is gone but when i try using it gives this error

"Type of argument 'Number' is 'WindowsApplication1.Form1+CEntity[]', which is not numeric."

Was able to read from &HA21028 this address (its string data allocated for Chat string) by changing

ReadProcessMemory(GameReadWrite, Address, mValue, Size, 0)
to
ReadProcessMemory(GameReadWrite, Address, mValue, Size, 0&)

But not from &H8F7A78

heres the code i'm using to read 1 byte at a time

Code:

Const PAGE_EXECUTE_READWRITE As Long = &H40
        Dim tr As Integer
        Static tr1 As Integer = 0
        Dim GameReadWrite As Long
        Dim Addres1 As Long = (&H8F7A78 + tr1)
        Dim PID As Integer = Game_Hwnd()
        GameReadWrite = OpenProcess((PROCESS_ALL_ACCESS), False, PID)
        Dim Oldprotect1, Oldprotect2 As Integer
        Do
            Try
                TextBox2.Text = VirtualProtectEx(GameReadWrite, Addres1, 1, PAGE_EXECUTE_READWRITE, Oldprotect1)
                TextBox3.Text = ReadProcessMemory(GameReadWrite, Addres1, tr, 1, 0&)
                TextBox4.Text = VirtualProtectEx(GameReadWrite, Addres1, 1, Oldprotect1, Oldprotect2)

            Catch Ex As Exception
                MsgBox(Ex.ToString)
            End Try
            If tr <> 0 Then
                TextBox1.Text = Chr(tr).ToString
            End If
            Label1.Text = tr1.ToString
            tr1 = tr1 + 1
        Loop While TextBox1.Text = ""
        CloseHandle(GameReadWrite)

[shailm_85]

Sorry for double posting i cant edit my above post


heres the whole code

Button6 is what i'm working, i am able to read 1 byte at time and convert it to Char using Chr() function but it returns unreadable chars like @#^ etc.
And i'm not able to read the whole struct

i start iw4mp
then i start a private match
then i test my application

Code:

Imports System.Runtime.InteropServices
Imports System
Imports System.IO
Imports System.Text

Module Memory
    Public GameName1 As String = "iw4mp"
    Public Const PROCESS_VM_READ = &H10
    Public Const PROCESS_VM_WRITE = (&H20)
    Public Const PROCESS_VM_OPERATION = (&H8)
    Public Const PROCESS_QUERY_INFORMATION = (&H400)
    Public Const PROCESS_ALL_ACCESS = &H1F0FFF
    Public Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION
    Private Declare Function FindWindow Lib "user32.dll" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Integer
    Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, ByVal lpdwProcessId As Long) As Long
    Public Declare Auto Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Long, ByRef lpBuffer As Int32, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Boolean
    Public Declare Auto Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Long, ByRef lpBuffer As WindowsApplication1.Form1.CEntity, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Auto Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Long, ByRef lpBuffer() As WindowsApplication1.Form1.CEntity, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Auto Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Int32, ByRef lpBuffer As Byte(), ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As IntPtr, ByVal lpBaseAddress As Int32, ByVal lpBuffer() As Byte, ByVal nSize As Int32, ByVal lpNumberOfBytesWritten As Int32) As Long
    Public Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As UInteger, ByVal bInheritHandle As Integer, ByVal dwProcessId As UInteger) As IntPtr
    Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hHandle As IntPtr) As Boolean
    Public Declare Function VirtualProtectEx Lib "kernel32.dll" (ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As IntPtr, ByVal newProtect As Integer, ByRef oldProtect As Integer) As Boolean
    Public Declare Function VirtualAllocEx Lib "kernel32.dll" (ByVal hProcess As IntPtr, ByVal lpAddress As IntPtr, ByVal dwSize As UInteger, ByVal flAllocationType As UInteger, ByVal flProtect As UInteger) As IntPtr

    Private Const PAGE_EXECUTE_READWRITE As Long = &H40

    'Dim playerList(18) As CEntity 'Turn me into an array with CEntity as type, with 18 cells


    Public Function Game_Hwnd() As Int32
        Dim i As Int32 : Dim foundit As Boolean = False
        For Each p As Process In Process.GetProcessesByName(GameName1) ' Replace that with the games window text
            i = p.Id
            foundit = True : Exit For
        Next
        If foundit = True Then
            Return i
        Else
            MsgBox("Couldn't find Game")
            Return 0
        End If
    End Function

#Region "Memory reading/Writing"
    'Read Memory
    Public Sub ReadMemory(ByVal Address As Long, ByRef Value As Integer, ByVal Size As Integer)
        Try
            Dim mValue As Integer

            Dim GameReadWrite As Integer
            Dim PID As Integer = Game_Hwnd()
            GameReadWrite = OpenProcess((PROCESS_ALL_ACCESS), False, PID)

            ReadProcessMemory(GameReadWrite, Address, mValue, Size, 0&)
            Value = mValue

            CloseHandle(GameReadWrite)
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
    Public Sub ReadMemory(ByVal Address As Long, ByRef Value As String)
        Try
            Dim intChar As Integer
            Dim Count1 As Integer
            Dim strTemp As String
            strTemp = String.Empty
            Count1 = 0
            Do
                ReadMemory(Address + Count1, intChar, 1)
                If intChar <> 0 Then strTemp = strTemp & Chr(intChar)
                Count1 += 1
            Loop Until intChar = 0
            'Loop Until Count1 = 28
            Value = strTemp
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
    Public Sub ReadMemory(ByVal Address As Integer, ByRef Value As String, ByVal Length As Integer)
        Try
            Dim intChar As Integer
            Dim Count1 As Integer
            Dim strTemp As String
            strTemp = String.Empty
            For Count1 = 0 To Length - 1
                ReadMemory(Address + Count1, intChar, 1)
                strTemp = strTemp & Chr(intChar)
            Next
            Value = strTemp
        Catch Ex As Exception
            MsgBox(Ex.ToString)
        End Try
    End Sub
#End Region

    Function ReadInt(ByVal Address As Long)
        Dim i As String
        ReadMemory(Address, i)
        Return i
    End Function
    Function ReadInt(ByVal Address As Int32, ByVal Size As Integer)
        Dim i As Int32
        ReadMemory(Address, i, Size)
        Return i
    End Function

End Module

Public Class Form1
    Public GameName1 As String = "iw4mp"

    <StructLayout(LayoutKind.Sequential)> _
    Public Structure CEntity
        <VBFixedString(220)> Public Unknown000 As String
        Public ClientNumber As Integer
        Public EntityType As Integer
        <VBFixedString(288)> Public Unknown001 As String
    End Structure
    Dim playerList(11) As CEntity 'Turn me into an array with CEntity as type, with 18 cells


    Dim Addr As Integer = &H8F7A78
    Dim BaseAddress As Integer
    Dim MyProcess As Process() = Process.GetProcessesByName(GameName1) ' Replace that with the games window text

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Dim MyProcess As Process() = Process.GetProcessesByName(GameName1) ' Replace that with the games window text
        Dim mainModule As ProcessModule
        mainModule = MyProcess(0).MainModule
        BaseAddress = CInt(mainModule.BaseAddress)
        BaseAddress = CInt(mainModule.BaseAddress)
        For i As Byte = 0 To UBound(playerList)
            playerList(i).Unknown000 = ""
            playerList(i).ClientNumber = 0
            playerList(i).EntityType = 0
        Next i

    End Sub

    Private Sub Button6_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button6.Click
        Const PAGE_EXECUTE_READWRITE As Long = &H40
        Const MEM_RESERVE = &H2000
        Const MEM_RESET = &H80000
        Dim GameReadWrite As Long
        'Dim Addres1 As Long = CInt("&H" & TextBox6.Text)
        Dim Addres1 As Long = (&H8F7A78 + (516 * 2))
        'Dim Addres1 As Long = &H8F7A78
        Dim Siz1 As Int32 = (516)
        'Dim Siz1 As Int32 = (516 * 18)
        Dim PID As Integer = Game_Hwnd()
        GameReadWrite = OpenProcess((PROCESS_ALL_ACCESS), False, PID)
        Dim Oldprotect1, Oldprotect2 As Integer
        VirtualAllocEx(GameReadWrite, Addres1, Siz1, MEM_RESET, PAGE_EXECUTE_READWRITE)
        VirtualProtectEx(GameReadWrite, Addres1, Siz1, PAGE_EXECUTE_READWRITE, Oldprotect1)
        Try
            TextBox3.Text = ReadProcessMemory(GameReadWrite, Addres1, playerList(2), Siz1, 0&)
        Catch Ex As Exception
            MsgBox(Ex.ToString)
            Exit Sub
        End Try
        VirtualProtectEx(GameReadWrite, Addres1, Siz1, Oldprotect1, Oldprotect2)
        CloseHandle(GameReadWrite)
        TextBox1.Text = playerList(2).Unknown000
        TextBox2.Text = (playerList(2).ClientNumber.ToString & ", " & playerList(2).EntityType.ToString)
    End Sub
End Class

Thanks

[Insane]

Sorry for double posting i cant edit my above post

Wut? Why can't you edit your post above. Just press the edit button.

[shailm_85]

Wut? Why can't you edit your post above. Just press the edit button.

Edit button is not avalable only Quote, Multi Off, Quick Reply and Quick Quote is avalaible. i have edit it onces before maybe theres a limit to editing a post

edit button is only avalaible in this new posts which i havent edited even onces

Ooo heres the problem